
One Asset, Many Risks: Prioritizing the Stack Instead of the CVEs

Attackers don’t care about CVSS scores — they care about what gets them access. Most of the time, that means taking the path of least resistance: exposed services, misconfigurations, weak segmentation, and other soft spots that rarely show up in traditional vulnerability scans.

And yet, most vulnerability management programs still focus on the obvious: high-severity CVEs with big scores and flashy names. But that approach misses broad classes of exposures. Some of the riskiest assets in your environment don’t have a single critical vulnerability. Instead, it’s the combination of moderate CVEs and non-CVE risks — stacked together — that opens the door to compromise.

To stay ahead, you need a solution that evaluates risk like an attacker does: by looking at the whole picture, not just the highest score.

Why CVSS On Its Own Doesn’t Cut It

Risk isn’t just about numbers — it’s about the context behind those numbers. Let’s say you scan your environment and find a CVE with a 5.6 score — a medium risk. A quick triage might toss it into the “not urgent” pile in favor of higher-scoring threats. But what if that vulnerability is found on an asset that:

  • Is running End-of-Life (EOL) software, meaning no patches are coming

  • Is exposed to the internet, making it easy prey

  • Has another vulnerability listed in CISA’s KEV catalog

  • Is multi-homed, bridging internal network segments

  • Lacks security controls, like EDR, or has misconfigured permissions

  • Is unmonitored or unmanaged, falling outside standard patch or detection routines

Suddenly, your “medium” CVSS vulnerability just became a high-priority issue.

Did the CVSS score somehow change? No, just the context.
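The scenario above as a small ranking sketch. This is an added example, not runZero's scoring model or code from the original article; the additive weights, signal names, and asset inventory are all constructed assumptions.

```python
from dataclasses import dataclass, field

# Assumed weights, chosen only for illustration (not runZero's scoring model).
CONTEXT_WEIGHTS = {
    "eol_software": 2.0,      # no patches are coming
    "internet_exposed": 2.5,
    "kev_listed_cve": 3.0,    # another CVE on the asset is in CISA KEV
    "multi_homed": 1.5,       # bridges internal network segments
    "missing_edr": 1.0,
    "unmanaged": 1.0,         # outside patch and detection routines
}

@dataclass
class Asset:
    name: str
    cvss_scores: list                       # one entry per CVE found on the asset
    context: set = field(default_factory=set)

def max_cvss(asset):
    """CVE-centric view: the asset is only as urgent as its highest score."""
    return max(asset.cvss_scores, default=0.0)

def stacked_score(asset):
    """Asset-centric view: highest CVSS plus every context signal present."""
    unknown = asset.context - set(CONTEXT_WEIGHTS)
    if unknown:
        raise ValueError(f"unweighted context signals: {sorted(unknown)}")
    return max_cvss(asset) + sum(CONTEXT_WEIGHTS[s] for s in asset.context)

def rank(assets, score):
    """Return asset names ordered from most to least urgent under `score`."""
    return [a.name for a in sorted(assets, key=score, reverse=True)]

# Constructed sample inventory.
INVENTORY = [
    Asset("build-server", [9.8]),
    Asset("workstation", [7.5]),
    Asset("legacy-gateway", [5.6, 6.5], set(CONTEXT_WEIGHTS)),
    Asset("hvac-controller", [], {"internet_exposed", "multi_homed", "unmanaged"}),
]

if __name__ == "__main__":
    print("by max CVSS :", rank(INVENTORY, max_cvss))
    print("by stacked  :", rank(INVENTORY, stacked_score))
```

The CVSS values on each asset are identical in both rankings; only the context signals move the gateway with two medium CVEs ahead of the server with a lone critical one.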

And this scenario plays out all the time. Traditional scanners are notorious for burying real-world risks beneath mountains of “critical” CVEs — giving attackers plenty of room to slip through the cracks.

At runZero, we want to help you manage exposure, not just chase scores.

runZero: The Context Engine

By prioritizing based on stacked risks at the asset level, the endless queue of high-priority items shrinks. Focusing on stacked risks means shorter remediation lists, faster progress, and fewer fires — without burning out the security team.

That’s where runZero comes in. runZero doesn’t just identify exposures and blindly rank them. We build deep context around every asset. Here’s how.

First, we discover everything across your environment: IT, OT, IoT, cloud, mobile — even the unmanageable and unknown — across both your internal and external attack surfaces.

Then, we go deeper. Our advanced fingerprinting uncovers critical insights into services, connections, ownership, hygiene, and more, building detailed profiles of each asset from a library of almost 1000 attributes.

Our exposure discovery goes beyond CVEs, surfacing a broader range of threats that traditional scanners miss, including:

  • Misconfigurations

  • Missing security controls

  • Weak segmentation

  • Internally hosted assets that are accidentally public

  • Insecure or unnecessary services

  • Risky assets bridged to other networks and devices

These weak spots don’t always show up on a vulnerability scan but still offer easy footholds to attackers. Our deep asset-level data and coverage of non-CVE exposures are the critical context that allows runZero to correlate multiple risk signals into meaningful, actionable exposures, enabling you to tackle the highest risks first.

Let’s take a closer look at a real example in the runZero Platform to see how we surface stacked risk that CVSS alone misrepresented.

Complete Context Delivers Better Outcomes

Prioritization of individual CVEs is the same as judging a storm by just one cloud. Sure, it might be dark, but that certainly isn’t the whole forecast.

With runZero, you see the full storm front, providing asset-level context that indicates where risk factors converge. More importantly, you know exactly what to tackle first. No more guesswork. No more noise. Just clear signals, actionable exposure management, delivered.

About runZero
runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network–without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.

About Version 2 Limited
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
